[Openswan Users] How do I sniff for decrypted packets

Jonah Wittkamper jonah at distributivenetworks.com
Mon Jan 26 18:04:49 EST 2009

I am running Openswan 2.4.9-r1


My only interfaces are eth0, eth1 and lo.


My vpn tunnel comes up but the back-and-forth has been an issue.  To
diagnose I need to sniff incoming packets, after they've been deleted.  


By running tcpdump on eth0 I can see ESP packets, but I can't see
decrypted packets.  My research on this mailing list suggests that I
should see both encrypted and decrypted packets, but I only see
encrypted ones.  


I thought turning on debug options would help log sufficient traffic
information to help, but it doesn't.


How am I supposed to sniff decrypted incoming packets?




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090126/096da56d/attachment.html 

More information about the Users mailing list